Directory Traversal in SlimServe HTTP server - exploit.company
Vendor: SlimServe HTTP server
By: Unknown
CVSS: 5.5 (MEDIUM)
Vulnerability: Directory Traversal
CWE: 22
Product Name: SlimServe HTTP server
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CVE: CVE-2005-2033
CPE: a:slimserve:http_server
Metasploit:
Other Scripts:
Platforms Tested: Unknown

Directory Traversal in SlimServe HTTP server

SlimServe HTTP server is vulnerable to directory traversal attacks, which allow malicious users to read files outside of the web server root directory. An attacker can exploit this vulnerability by sending a crafted HTTP request containing '../' sequences to access sensitive files on the server.

Mitigation:

To mitigate this vulnerability, it is recommended to update to the latest version of SlimServe HTTP server, which includes a fix for this issue. Additionally, it is advised to sanitize user input and validate file paths before processing them.
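
The path validation recommended above can be done as a containment check on the server side. The following is an added example, not SlimServe's code or its vendor's fix; the function name `resolve_request_path`, the web root layout and the sample request targets are constructed for illustration.

```python
import os
import tempfile
from urllib.parse import unquote, urlsplit


def resolve_request_path(web_root, request_target):
    """Map a request target to a file under web_root, or return None to refuse it."""
    root = os.path.realpath(web_root)
    # Percent-decode exactly once. A '%' left over afterwards may be a second
    # layer of encoding, so this strict policy refuses it (and NUL bytes).
    path = unquote(urlsplit(request_target).path)
    if "%" in path or "\x00" in path:
        return None
    # Backslash is a path separator for Windows file APIs; split on both.
    segments = [s for s in path.replace("\\", "/").split("/") if s]
    for seg in segments:
        # Refuse dot-only segments of any length ('.', '..', '...') and
        # anything carrying a drive letter or stream separator.
        if seg.strip(".") == "" or ":" in seg:
            return None
    candidate = os.path.realpath(os.path.join(root, *segments))
    # Final containment check, done after symlinks have been resolved.
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def demo():
    """Run constructed request targets against a throwaway web root."""
    targets = [
        "/index.html",            # normal request
        "/../secret.txt",         # the '../' form described above
        "/.../.../",              # multi-dot form, as in the sample URL
        "/%2e%2e/secret.txt",     # percent-encoded dots
        "/..%5c..%5cboot.ini",    # encoded backslash separators
        "/%252e%252e/secret.txt", # double encoding
    ]
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "wwwroot")
        os.mkdir(root)
        open(os.path.join(root, "index.html"), "w").close()
        return {t: resolve_request_path(root, t) is not None for t in targets}


if __name__ == "__main__":
    for target, allowed in demo().items():
        print("ALLOW " if allowed else "REJECT", target)
```

The segment filter alone is not sufficient: the `realpath` plus `commonpath` check is what catches a symlink inside the web root that points outside it.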

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/14132/info

SlimServe HTTP server is prone to directory traversal attacks due to improper sanitization of user input.

This type of attack allows a malicious user to read files that exist outside of the Web server root directory. 

http://www.example.com/.../.../